Fail2ban

From Proxmox VE
Revision as of 12:51, 18 February 2014 by M ardito (talk | contribs)
Jump to navigation Jump to search

Note: article taken straight from this forum post

Protecting the web interface with fail2ban

aptitude install fail2ban

Copy the file /etc/fail2ban/jail.conf to a new file jail.local 

cp /etc/fail2ban/jail.conf /etc/fail2ban/jail.local

Add the following string to the end of this file /etc/fail2ban/jail.local : 

[proxmox3]
enabled = true
port = https,http,8006
filter = proxmox3
logpath = /var/log/daemon.log
maxretry = 3
bantime = 3600 # 1 hour

Create the file /etc/fail2ban/filter.d/proxmox3.conf : 

[Definition]
failregex = pvedaemon\[.*authentication failure; rhost=<HOST> user=.* msg=.*
ignoreregex =

You can test your configuration with the command : 

fail2ban-regex /var/log/daemon.log /etc/fail2ban/filter.d/proxmox3.conf

Restart fail2ban: 

/etc/init.d/fail2ban restart

Links

Retrieved from "https://pve.proxmox.com/mediawiki/index.php?title=Fail2ban&oldid=6310"